Description
Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
Published: 2026-05-14
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use‑after‑free condition in the Downloads module of Google Chrome versions prior to 148.0.7778.168 allows a remote attacker to trigger arbitrary code execution when a user is tricked into performing specific UI gestures on a crafted HTML page. This weakness hinges on CWE‑416 and carries a high severity rating according to Chromium security.

Affected Systems

Chromium‑based browsers from Google, specifically Chrome versions before 148.0.7778.168. Users operating any of these releases are at risk, including those on Windows, macOS, and Linux platforms that have not yet applied the latest stable channel update.

Risk and Exploitability

Because the flaw requires only a web page that induces user interaction, the attack surface is broad. The EPSS score is unavailable, while the vulnerability is not listed in CISA's KEV catalog. Nonetheless, the high severity rating and the ability to exploit the flaw from a web page make this a serious threat that should be mitigated as soon as possible. The CVSS score is 8.8.

Generated by OpenCVE AI on May 15, 2026 at 14:09 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Chrome to the latest stable release that contains the download module patch.
  • Enable automatic updates to ensure the browser receives future security patches without manual intervention.
  • If an update cannot be applied immediately, avoid interacting with untrusted web pages that could exploit download‑related gestures until the issue is resolved.

Generated by OpenCVE AI on May 15, 2026 at 14:09 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6273-1 chromium security update
History

Fri, 15 May 2026 12:15:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Chrome Downloads Enables Remote Code Execution from Crafted Web Page chromium-browser: chromium-browser: Use after free in Downloads
Weaknesses CWE-825
References
Metrics threat_severity

None

 threat_severity

Important

Thu, 14 May 2026 23:30:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google chrome
Vendors & Products Google
Google chrome

Thu, 14 May 2026 22:30:00 +0000

Type Values Removed Values Added
Title Use‑After‑Free in Chrome Downloads Enables Remote Code Execution from Crafted Web Page

Thu, 14 May 2026 21:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 14 May 2026 20:15:00 +0000

Type Values Removed Values Added
Description Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
Weaknesses CWE-416
References

Subscriptions

Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2026-05-15T03:56:26.963Z

Reserved: 2026-05-14T05:40:20.222Z

Link: CVE-2026-8551

cve-icon Vulnrichment

Updated: 2026-05-14T20:36:49.478Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-14T20:17:16.163

Modified: 2026-05-14T21:19:23.923

Link: CVE-2026-8551

cve-icon Redhat

Severity : Important

Publid Date: 2026-05-14T19:52:26Z

Links: CVE-2026-8551 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-15T14:15:51Z

Weaknesses